From the Editor: Knowing Matters

Database
Middleware
Developer Tools
Enterprise Management
Applications Technology
Products A-Z

BI & Data Warehousing
Embedded
Java
Linux
.NET
PHP
Security
Service-Oriented Architecture
Windows Server System
Virtualization
Technologies A-Z

COMMUNITY

Join OTN
Oracle ACEs
Oracle Wiki
Blogs
Podcasts
Events
Newsletters
Oracle Magazine
Oracle Books
Certification
User Groups
Partner White Papers

Printer View

E-mail this page

Bookmark

As Published In

September/October 2004

From the Editor

Knowing Matters
By Jeff Spicer

Bringing security, simplicity, and sanity to identity management

The need to manage user IDs and their associated characteristics and credentials almost certainly arose when the very first IDs were assigned to the very first business computer users. After all, to be useful, even those first rudimentary user IDs would have needed access rights and a simple authentication mechanism, requiring the most basic of administration.

Let's assume that one of these first users was named Isidore at Company X. Isidore's first user ID allowed him to access several company systems and databases. Soon, Isidore's company deployed a new e-mail system, and an account for that system was created for him. Over the course of the next several years, Company X acquired a document management system, several Web-based business applications, and a workflow tool, each requiring new accounts for Isidore, complete with username, password, associated credentials, and so forth.

Eventually, with the business world becoming increasingly virtual, Isidore's company began authorizing partners and customers to perform various online trading operations, allowing them to access applications and databases internal to Company X. Isidore himself acquired accounts with several partners, helping streamline many of his tasks and simplify various responsibilities.

The great irony in the story of Isidore's company, is that while his company was realizing efficiencies in many areas due to new Web-based applications, online interactions with partners, and a host of new productivity applications, these new systems were also adding to overall administrative complexity, with their lists of user IDs and the related authentication, authorization, provisioning, and directory synchronization tasks. In addition to undermining administrative simplicity, these new systems were compromising company security—many of the user authentication systems were outmoded and easily bypassed, and accounts of former employees were still in existence, for example—and threatening employee sanity by requiring each employee to keep track of scores of user IDs and passwords for the various systems and applications.

Clearly, this company was ripe for identity management.

Identity management isn't a set of products; rather, it is the secure administration of the entire lifecycle of all users and entities that access a network in an organization. The processes that comprise a secure identity management strategy are supported by identity management systems: products and services that allow for administering end user accounts and other network resources.
Next Steps

LEARN more about Oracle Identity Management

READ more about Oracle OpenWorld

The identity management product and service market is already somewhat mature, having done an estimated US$2.3 billion worth of business last year, on track to grow to US$3.3 billion by 2008, according to the Yankee Group.

In this issue of Oracle Magazine, we examine the issue of identity management and profile companies that have built or are in the process of building identity management systems based on technologies from Oracle and its partners. Author Michael Miley provides all the technical detail you need regarding Oracle's offerings (which include an LDAP directory service, directory integration and provisioning services, a delegated administration service application, authentication and authorization services, and an X.509 V3 certificate authority) and explains why those offerings are unique in the marketplace today. Through the real-world examples Miley presents, you'll get a solid idea of what companies like yours are doing to help keep their systems and data secure, simplify the administration of user IDs, and help make their employees' work lives a little saner.

Make Plans to Attend Oracle Openworld

Oracle OpenWorld, Oracle's annual conference and trade show, is right around the corner. This year the conference covers not just Oracle's core technology products (the database, application server, developer tools, reporting utilities, and so forth) but also Oracle's business applications. As such, the event will be a megaconference at which attendees will be able to learn about strategies for all Oracle products; interact with scores of Oracle employees and partners; get product and business strategy advice; and in short, have a great time. Hope to see you there.

Jeff Spicer, Editor in Chief
jeff.spicer@oracle.com

Send us your comments

E-mail this page

Printer View

	About Oracle \| \| Careers \| Contact Us \| Site Maps \| Legal Notices \| Terms of Use \| Privacy